firewall: allowing ipmi calles to be routed so that VPN clients and other boxes can make calls to ipmi

files/firewall

@@ -61,8 +61,9 @@ case $1 in
         iptables -F FORWARD
         iptables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED      -j ACCEPT
         iptables -A FORWARD -o mgmtgw1 -j DROP
-        iptables -A FORWARD -i ipmigw1 -j DROP
         iptables -A FORWARD -o ipmigw1 -j DROP
+        iptables -A FORWARD -i ipmigw1 -m state --state ESTABLISHED,RELATED      -j ACCEPT
+        iptables -A FORWARD -i ipmigw1 -j DROP
 
 
        #special tables
@@ -129,8 +130,9 @@ case $1 in
         ip6tables -F FORWARD
         ip6tables -A FORWARD -o mgmtgw1 -m state --state ESTABLISHED,RELATED      -j ACCEPT
         ip6tables -A FORWARD -o mgmtgw1 -j DROP
-        ip6tables -A FORWARD -i ipmigw1 -j DROP
         ip6tables -A FORWARD -o ipmigw1 -j DROP
+        ip6tables -A FORWARD -i ipmigw1 -m state --state ESTABLISHED,RELATED      -j ACCEPT
+        ip6tables -A FORWARD -i ipmigw1 -j DROP
 
 
        #special tables